asterisk 1:1.4.17~dfsg-2ubuntu1.1 source package in Ubuntu
Changelog
asterisk (1:1.4.17~dfsg-2ubuntu1.1) hardy-security; urgency=low
* SECURITY UPDATE: ACK response spoofing
- added debian/patches/CVE-2008-1897: Adjust chan_iax2.c to use a special
id to prevent ACK response spoofing. Based on upstream patch.
- CVE-2008-1897
- AST-2008-006
* SECURITY UPDATE: POKE request flooding
- added debian/patches/CVE-2008-3263: Adjust chan_iax2.c to prevent
'POKE' request flooding. Based on upstream patch.
- CVE-2008-3263
- AST-2008-010
* SECURITY UPDATE: firmware packet flooding
- added debian/patches/CVE-2008-3264: Adjust chan_iax2.c to prevent
firmware packet flooding. Based on upstream patch.
- CVE-2008-3264
- AST-2008-011
* SECURITY UPDATE: information leak in IAX2 authentication
- added debian/patches/CVE-2009-0041: Adjust chan_iax2.c to fix
information leak in IAX2 authentication. Based on upstream patch.
- CVE-2009-0041
- AST-2009-001
* SECURITY UPDATE: SIP responses expose valid usernames
- added debian/patches/CVE-2008-3903: Adjust chan_sip.c to make
it more difficult to scan for available usernames.
- CVE-2008-3903
- AST-2009-003
* SECURITY UPDATE: An attacker could hijack a manager session
- added debian/patches/CVE-2008-1390: Adjust manager.c to
never assign an invalid id of 0
- CVE-2008-1390
- AST-2008-005
-- Brian Thomason <email address hidden> Mon, 16 Mar 2009 17:52:11 -0400
Upload details
- Uploaded by:
- Brian Thomason
- Sponsored by:
- Jamie Strandboge
- Uploaded to:
- Hardy
- Original maintainer:
- MOTU
- Architectures:
- any
- Section:
- comm
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| asterisk_1.4.17~dfsg.orig.tar.gz | 5.0 MiB | 1d44489aaeb6e935a59eb9a64d65ccfa52639efcae8a186161912d9ffe6ae412 |
| asterisk_1.4.17~dfsg-2ubuntu1.1.diff.gz | 182.8 KiB | 9dc1f660a6c79cf81c6ae3e81a3149d5085c96ab17207bcff6363ace6ebfab58 |
| asterisk_1.4.17~dfsg-2ubuntu1.1.dsc | 1.6 KiB | 3bd1460330b41ad3222c9d53895c8844a1c7bc0b8da60ce01c8cd0df7174b2ec |
Available diffs
Binary packages built by this source
- asterisk: No summary available for asterisk in ubuntu hardy.
No description available for asterisk in ubuntu hardy.
- asterisk-config: No summary available for asterisk-config in ubuntu hardy.
No description available for asterisk-config in ubuntu hardy.
- asterisk-dbg: No summary available for asterisk-dbg in ubuntu hardy.
No description available for asterisk-dbg in ubuntu hardy.
- asterisk-dev: No summary available for asterisk-dev in ubuntu hardy.
No description available for asterisk-dev in ubuntu hardy.
- asterisk-doc: No summary available for asterisk-doc in ubuntu hardy.
No description available for asterisk-doc in ubuntu hardy.
- asterisk-h323: No summary available for asterisk-h323 in ubuntu hardy.
No description available for asterisk-h323 in ubuntu hardy.
- asterisk-sounds-main: No summary available for asterisk-sounds-main in ubuntu hardy.
No description available for asterisk-
sounds- main in ubuntu hardy.
